Offline Signature Verification by Combining Graph Edit Distance and Triplet Networks

Biometric authentication by means of handwritten signatures is a challenging pattern recognition task, which aims to infer a writer model from only a handful of genuine signatures. In order to make it more difficult for a forger to attack the verification system, a promising strategy is to combine different writer models. In this work, we propose to complement a recent structural approach to offline signature verification based on graph edit distance with a statistical approach based on metric learning with deep neural networks. On the MCYT and GPDS benchmark datasets, we demonstrate that combining the structural and statistical models leads to significant improvements in performance, profiting from their complementary properties

Introduction to Presentation Attacks in Signature Biometrics and Recent Advances

Applications based on biometric authentication have received a lot of interest in the last years due to the breathtaking results obtained using personal traits such as face or fingerprint. However, it is important not to forget that these biometric systems have to withstand different types of possible attacks. This chapter carries out an analysis of different Presentation Attack (PA) scenarios for on-line handwritten signature verification. The main contributions of this chapter are: i) an updated overview of representative methods for Presentation Attack Detection (PAD) in signature biometrics; ii) a description of the different levels of PAs existing in on-line signature verification regarding the amount of information available to the impostor, as well as the training, effort, and ability to perform the forgeries; and iii) an evaluation of the system performance in signature biometrics under different scenarios considering recent publicly available signature databases, DeepSignDB and SVC2021_EvalDB. This work is in line with recent efforts in the Common Criteria standardization community towards security evaluation of biometric systems.Comment: Chapter of the Handbook of Biometric Anti-Spoofing (Third Edition

Modelling Smart Card Security Protocols in SystemC TLM

Smart cards are an example of advanced chip technology. They allow information transfer between the card holder and the system over secure networks, but they contain sensitive data related to both the card holder and the system, that has to be kept private and confidential. The objective of this work is to create an executable model of a smart card system, including the security protocols and transactions, and to examine the strengths and determine the weaknesses by running tests on the model. The security objectives have to be considered during the early stages of systems development and design, an executable model will give the designer the advantage of exploring the vulnerabilities early, and therefore enhancing the system security. The Unified Modeling Language (UML) 2.0 is used to model the smart card security protocol. The executable model is programmed in SystemC with the Transaction Level Modeling (TLM) extensions. The final model was used to examine the effectiveness of a number of authentication mechanisms with different probabilities of failure. In addition, a number of probable attacks on the current security protocol were modeled to examine the vulnerabilities. The executable model shows that the smart card system security protocols and transactions need further improvement to withstand different types of security attacks

Reversing the Irreversible: A Survey on Inverse Biometrics

With the widespread use of biometric recognition, several issues related to the privacy and security provided by this technology have been recently raised and analysed. As a result, the early common belief among the biometrics community of templates irreversibility has been proven wrong. It is now an accepted fact that it is possible to reconstruct from an unprotected template a synthetic sample that matches the bona fide one. This reverse engineering process, commonly referred to as \textit{inverse biometrics}, constitutes a severe threat for biometric systems from two different angles: on the one hand, sensitive personal data (i.e., biometric data) can be derived from compromised unprotected templates; on the other hand, other powerful attacks can be launched building upon these reconstructed samples. Given its important implications, biometric stakeholders have produced over the last fifteen years numerous works analysing the different aspects related to inverse biometrics: development of reconstruction algorithms for different characteristics; proposal of methodologies to assess the vulnerabilities of biometric systems to the aforementioned algorithms; development of countermeasures to reduce the possible effects of attacks. The present article is an effort to condense all this information in one comprehensive review of: the problem itself, the evaluation of the problem, and the mitigation of the problem. The present article is an effort to condense all this information in one comprehensive review of: the problem itself, the evaluation of the problem, and the mitigation of the problem.Comment: 18 pages, journal, surve

Security Features in Fingerprint Biometric System

Nowadays, embedded systems run in every setting all around the globe. Recent advances in technology have created many sophisticated applications rich with functionality we have never seen. Nonetheless, security and privacy were a common issue for these systems, whether or not sensitive data can be protected from malicious attacks. These concerns are justified on the grounds that the past of security breaches and the resulting consequences narrate horrific stories concerning embedded systems. The attacks are now evolving, becoming more complex with technological advancements. Therefore, a new way of implementing security in embedded systems must be pursued. This paper attempts to demonstrate the incorporation of security features in fingerprint biometric system in the requirements analysis phase, ensuring the same throughout the system life cycle of embedded systems based on case study. The comparison of various biometric technologies such as face, fingerprint, iris, palm print, hand geometry gait, signature, and keystroke is presented. The aim of this paper includes analyzing, decomposing and transforming the threats and counter-measures identified during the requirements analysis using the abuse case into more specific safety requirements or functions. Furthermore, we have shown that the incorporation of security features into the biometric fingerprint system by analyzing the requirements of the system and providing the main steps for the protection of the biometric system in this paper

A novel hand reconstruction approach and its application to vulnerability assessment

This is the author’s version of a work that was accepted for publication in Information Sciences. Changes resulting from the publishing process, such as peer review, editing, corrections, structural formatting, and other quality control mechanisms may not be reflected in this document. Changes may have been made to this work since it was submitted for publication. A definitive version was subsequently published in Information Sciences, 238 (2014) DOI: 10.1016/j.ins.2013.06.015The present work proposes a novel probabilistic method to reconstruct a hand shape image from its template. We analyse the degree of similarity between the reconstructed images and the original samples in order to determine whether the synthetic hands are able to deceive hand recognition systems. This analysis is made through the estimation of the success chances of an attack carried out with the synthetic samples against an independent system. The experimental results show that there is a high chance of breaking a hand recognition system using this approach. Furthermore, since it is a probabilistic method, several synthetic images can be generated from each original sample, which increases the success chances of the attack.This work has been partially supported by projects Contexts (S2009/TIC-1485) from CAM, Bio-Challenge (TEC2009-11186), BIOSINT (TEC2012-38630-C04-02) and Bio-Shield (TEC2012-34881) from Spanish MINECO, TABULA RASA (FP7-ICT-257289) and BEAT (FP7-SEC-284989) from EU, and Cátedra UAM-Telefónica. Marta Gomez-Barrero is supported by a FPU Fellowship from Spanish MECD